diff options
Diffstat (limited to 'templates/vpn')
27 files changed, 51 insertions, 83 deletions
diff --git a/templates/vpn/ipsec/esp-group/node.def b/templates/vpn/ipsec/esp-group/node.def index 0ba76f8..988f5a2 100644 --- a/templates/vpn/ipsec/esp-group/node.def +++ b/templates/vpn/ipsec/esp-group/node.def @@ -1,6 +1,4 @@ tag: type: txt -help: Encapsulating Security Payload (ESP) +help: Name of Encapsulating Security Payload (ESP) group syntax:expression: pattern $VAR(@) "^[-_a-zA-Z0-9.]+$" ; "invalid ESP group name \"$VAR(@)\"" -comp_help: possible completions - <text> Set the name of an ESP group diff --git a/templates/vpn/ipsec/esp-group/node.tag/compression/node.def b/templates/vpn/ipsec/esp-group/node.tag/compression/node.def index 178a4da..ba9f343 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/compression/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/compression/node.def @@ -2,6 +2,5 @@ help: ESP compression type: txt default: "disable" syntax:expression: $VAR(@) in "enable", "disable"; "must be enable or disable" -comp_help: possible completions - enable Set ESP compression enabled - disable Set ESP compression disabled (default) +val_help: enable; Enable ESP compression +val_help: disable; Disable ESP compression (default) diff --git a/templates/vpn/ipsec/esp-group/node.tag/lifetime/node.def b/templates/vpn/ipsec/esp-group/node.tag/lifetime/node.def index 3634d6c..2690d54 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/lifetime/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/lifetime/node.def @@ -2,5 +2,4 @@ help: ESP lifetime type: u32 default: 3600 syntax:expression: ($VAR(@) >= 30 && $VAR(@) <= 86400) ; "must be in the range 30 to 86400 seconds" -comp_help: possible completions - <30-86400> Set ESP lifetime in seconds (default 3600) +val_help: u32:30-86400; ESP lifetime in seconds (default 3600) diff --git a/templates/vpn/ipsec/esp-group/node.tag/mode/node.def b/templates/vpn/ipsec/esp-group/node.tag/mode/node.def index 4a410a4..ce192bf 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/mode/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/mode/node.def @@ -2,6 +2,5 @@ help: ESP mode type: txt default: "tunnel" syntax:expression: $VAR(@) in "tunnel", "transport"; "must be tunnel or transport" -comp_help: possible completions - tunnel Set tunnel mode (default) - transport Set transport mode +val_help: tunnel; Tunnel mode (default) +val_help: transport; Transport mode diff --git a/templates/vpn/ipsec/esp-group/node.tag/pfs/node.def b/templates/vpn/ipsec/esp-group/node.tag/pfs/node.def index b66b1ec..7185c27 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/pfs/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/pfs/node.def @@ -2,8 +2,7 @@ help: ESP Perfect Forward Secrecy type: txt default: "enable" syntax:expression: $VAR(@) in "enable", "disable", "dh-group2", "dh-group5"; "must be enable, disable, dh-group2 or dh-group5" -comp_help: possible completions - enable Enable PFS. Use ike-group's dh-group (default) - dh-group2 Enable PFS. Use Diffie-Hellman group 2 - dh-group5 Enable PFS. Use Diffie-Hellman group 5 - disable Disable PFS +val_help: enable; Enable PFS. Use ike-group's dh-group (default) +val_help: dh-group2; Enable PFS. Use Diffie-Hellman group 2 +val_help: dh-group5; Enable PFS. Use Diffie-Hellman group 5 +val_help: disable; Disable PFS diff --git a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.def b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.def index 4d80a5e..22d1e16 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.def @@ -2,6 +2,5 @@ tag: type: u32 help: ESP-group proposal [REQUIRED] syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 65535) ; "must be between 1-65535" -comp_help: possible completions - <1-65535> Set the esp-group proposal number +val_help: u32:1-65535; ESP-group proposal number diff --git a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def index 34e9705..1c02803 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def @@ -2,7 +2,6 @@ help: Encryption algorithm type: txt default: "aes128" syntax:expression: $VAR(@) in "aes128", "aes256", "3des"; "must be aes128, or aes256, or 3des" -comp_help: possible completions - aes128 Set aes128 encryption (default) - aes256 Set aes256 encryption - 3des Set 3des encryption +val_help: aes128; AES-128 encryption (default) +val_help: aes256; AES-256 encryption +val_help: 3des; 3DES encryption diff --git a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/hash/node.def b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/hash/node.def index b4e5bd7..681f008 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/hash/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/hash/node.def @@ -2,6 +2,5 @@ help: Hash algorithm type: txt default: "sha1" syntax:expression: $VAR(@) in "md5", "sha1"; "must be md5 or sha1" -comp_help: possible completions - md5 Set md5 hash - sha1 Set sha1 hash (default) +val_help: md5; MD5 hash +val_help: sha1; SHA1 hash (default) diff --git a/templates/vpn/ipsec/ike-group/node.def b/templates/vpn/ipsec/ike-group/node.def index 857fa2f..2fe118a 100644 --- a/templates/vpn/ipsec/ike-group/node.def +++ b/templates/vpn/ipsec/ike-group/node.def @@ -1,6 +1,4 @@ tag: type: txt -help: Internet Key Exchange (IKE) configuration +help: Name of Internet Key Exchange (IKE) group syntax:expression: pattern $VAR(@) "^[-_a-zA-Z0-9.]+$" ; "invalid IKE group name \"$VAR(@)\"" -comp_help: possible completions - <text> Set the name of an IKE group diff --git a/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/action/node.def b/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/action/node.def index 9cca902..ca722ab 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/action/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/action/node.def @@ -2,7 +2,6 @@ help: Keep-alive failure action type: txt default: "hold" syntax:expression: $VAR(@) in "hold", "clear", "restart"; "must be hold, or clear, or restart" -comp_help: possible completions - hold Set action to hold (default) - clear Set action to clear - restart Set action to restart +val_help: hold; Set action to hold (default) +val_help: clear; Set action to clear +val_help: restart; Set action to restart diff --git a/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/interval/node.def b/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/interval/node.def index e712142..4fdebe9 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/interval/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/interval/node.def @@ -2,5 +2,4 @@ help: Keep-alive interval type: u32 default: 30 syntax:expression: ($VAR(@) >= 15 && $VAR(@) <= 86400) ; "must be between 15-86400 seconds" -comp_help: possible completions - <15-86400> Set keep-alive interval in seconds (default 30) +val_help: u32:15-86400; Keep-alive interval in seconds (default 30) diff --git a/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/timeout/node.def b/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/timeout/node.def index 5ea89b8..939be1c 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/timeout/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/dead-peer-detection/timeout/node.def @@ -2,7 +2,6 @@ help: Keep-alive timeout type: u32 default: 120 syntax:expression: ($VAR(@) >= 30 && $VAR(@) <= 86400) ; "must be between 30-86400 seconds" -comp_help: possible completions - <30-86400> Set keep-alive timeout in seconds (default 120) +val_help: u32:30-86400; Keep-alive timeout in seconds (default 120) diff --git a/templates/vpn/ipsec/ike-group/node.tag/lifetime/node.def b/templates/vpn/ipsec/ike-group/node.tag/lifetime/node.def index 1bbf7c4..980ed94 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/lifetime/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/lifetime/node.def @@ -2,5 +2,4 @@ help: IKE lifetime type: u32 default: 28800 syntax:expression: ($VAR(@) >= 30 && $VAR(@) <= 86400) ; "must between 30-86400 seconds" -comp_help: possible completions - <30-86400> Set IKE lifetime (default 28800) +val_help: u32:30-86400; IKE lifetime in seconds (default 28800) diff --git a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.def b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.def index f936d23..d269874 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.def @@ -2,6 +2,5 @@ tag: help: IKE-group proposal [REQUIRED] type: u32 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 65535) ; "must be between 1-65535" -comp_help: possible completions - <1-65535> Set ike-group proposal +val_help: u32:1-65535; IKE-group proposal diff --git a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def index 2056e39..d7c2fd5 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def @@ -1,6 +1,5 @@ help: Diffie-Hellman (DH) key exchange group type: u32 syntax:expression: ($VAR(@) == 2 || $VAR(@) == 5); "must be 2 or 5" -comp_help: possible completions - 2 Set dh2 - 5 Set dh5 +val_help: 2; DH group 2 +val_help: 5; DH group 5 diff --git a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def index 34e9705..1c02803 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def @@ -2,7 +2,6 @@ help: Encryption algorithm type: txt default: "aes128" syntax:expression: $VAR(@) in "aes128", "aes256", "3des"; "must be aes128, or aes256, or 3des" -comp_help: possible completions - aes128 Set aes128 encryption (default) - aes256 Set aes256 encryption - 3des Set 3des encryption +val_help: aes128; AES-128 encryption (default) +val_help: aes256; AES-256 encryption +val_help: 3des; 3DES encryption diff --git a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/hash/node.def b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/hash/node.def index c8ffb9d..681f008 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/hash/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/hash/node.def @@ -2,6 +2,5 @@ help: Hash algorithm type: txt default: "sha1" syntax:expression: $VAR(@) in "md5", "sha1"; "must be md5 or sha1" -comp_help: possible completions - md5 Set md5 hash - sha1 Set sha1 hash (default) +val_help: md5; MD5 hash +val_help: sha1; SHA1 hash (default) diff --git a/templates/vpn/ipsec/logging/log-modes/node.def b/templates/vpn/ipsec/logging/log-modes/node.def index 978504f..f0dd9f4 100644 --- a/templates/vpn/ipsec/logging/log-modes/node.def +++ b/templates/vpn/ipsec/logging/log-modes/node.def @@ -2,11 +2,10 @@ multi: help: Log mode type: txt syntax:expression: $VAR(@) in "raw", "crypt", "parsing", "emitting", "control", "all", "private" ; "must be one of the following: raw, crypt, parsing, emitting, control, all, private" -comp_help: Additional pluto debug log options: - raw - crypt - parsing - emitting - control - all - private +val_help: raw; Debug log option for pluto +val_help: crypt; Debug log option for pluto +val_help: parsing; Debug log option for pluto +val_help: emitting; Debug log option for pluto +val_help: control; Debug log option for pluto +val_help: all; Debug log option for pluto +val_help: private; Debug log option for pluto diff --git a/templates/vpn/ipsec/nat-traversal/node.def b/templates/vpn/ipsec/nat-traversal/node.def index fb62c8f..d677aef 100644 --- a/templates/vpn/ipsec/nat-traversal/node.def +++ b/templates/vpn/ipsec/nat-traversal/node.def @@ -1,6 +1,5 @@ help: Network Address Translation (NAT) traversal type: txt syntax:expression: $VAR(@) in "enable", "disable"; "must be enable or disable" -comp_help: possible completions: - enable Set NAT-T enabled - disable Set NAT-T disabled +val_help: enable; Enable NAT-T +val_help: disable; Disable NAT-T diff --git a/templates/vpn/ipsec/site-to-site/peer/node.def b/templates/vpn/ipsec/site-to-site/peer/node.def index c7448b8..5c55bf7 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.def @@ -1,7 +1,6 @@ tag: type: txt help: VPN peer -comp_help: Allowed values: - <x.x.x.x> Set IP address of the peer - <text> Set the hostname of the peer - @<text> Set the ID of the peer +val_help: ipv4; IP address of the peer +val_help: txt; Hostname of the peer +val_help: @<text>; ID of the peer diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/id/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/id/node.def index 7454c7d..1ae62d5 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/id/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/id/node.def @@ -2,5 +2,4 @@ help: ID for peer authentication type: txt syntax:expression: pattern $VAR(@) "^@[[:alpha:]_]+(\.[[:alnum:]][-_[:alnum:]]*)*$" ; "invalid ID \"$VAR(@)\"" -comp_help:Possible completions: - @<text> ID used for peer authentication +val_help: @<text>; ID used for peer authentication diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def index ddba87e..25f5f66 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def @@ -2,6 +2,5 @@ help: Authentication mode type: txt default: "pre-shared-secret" syntax:expression: $VAR(@) in "pre-shared-secret", "rsa"; "must be pre-shared-secret or rsa" -comp_help: possible completions: - pre-shared-secret Set authentication mode to use pre shared secret key - rsa Set authentication mode to use RSA key +val_help: pre-shared-secret; Use pre-shared secret key +val_help: rsa; Use RSA key diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/remote-id/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/remote-id/node.def index ec1e90a..17f2d41 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/remote-id/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/remote-id/node.def @@ -1,4 +1,2 @@ help: ID for remote authentication type: txt -comp_help:Possible completions: - <text> ID used for remote authentication diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-nat-networks/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-nat-networks/node.def index 1288fc0..d29d6fc 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-nat-networks/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-nat-networks/node.def @@ -2,6 +2,5 @@ help: Option to allow NAT networks type: txt default: "disable" syntax:expression: $VAR(@) in "enable", "disable"; "must be enable or disable" -comp_help: possible completions: - enable Set NAT networks enabled - disable Set NAT networks disabled (default) +val_help: enable; Enable NAT networks +val_help: disable; Disable NAT networks (default) diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-public-networks/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-public-networks/node.def index 74c6cee..c0325ca 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-public-networks/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/allow-public-networks/node.def @@ -2,6 +2,5 @@ help: Option to allow public networks type: txt default: "disable" syntax:expression: $VAR(@) in "enable", "disable"; "must be enable or disable" -comp_help: possible completions: - enable Set public networks enabled - disable Set public networks disabled (default) +val_help: enable; Enable public networks +val_help: disable; Disable public networks (default) diff --git a/templates/vpn/rsa-keys/rsa-key-name/node.def b/templates/vpn/rsa-keys/rsa-key-name/node.def index 0aaf8ea..575b504 100644 --- a/templates/vpn/rsa-keys/rsa-key-name/node.def +++ b/templates/vpn/rsa-keys/rsa-key-name/node.def @@ -1,5 +1,3 @@ tag: type: txt -help: Remote RSA key -comp_help: possible completions: - <text> Set name of RSA key +help: Name of remote RSA key diff --git a/templates/vpn/rsa-keys/rsa-key-name/node.tag/rsa-key/node.def b/templates/vpn/rsa-keys/rsa-key-name/node.tag/rsa-key/node.def index 29775a4..3fdcc18 100644 --- a/templates/vpn/rsa-keys/rsa-key-name/node.tag/rsa-key/node.def +++ b/templates/vpn/rsa-keys/rsa-key-name/node.tag/rsa-key/node.def @@ -1,4 +1,2 @@ help: Remote RSA key type: txt -comp_help: possible completions: - <text> Set the actual RSA key |